770f58a4ef111717eaaa33a3d1db148a | Triage

Sharing

General

Target

770f58a4ef111717eaaa33a3d1db148a
Size

123KB
MD5

770f58a4ef111717eaaa33a3d1db148a
SHA1

c9f92b90442966728e76ba7d5aee2877b54a93e0
SHA256

e0fcb1410e9ebf2d4edd6c64887d3dff45a732f2ea3f2642444c743f17d64aec
SHA512

dc0c20d71d0fa343e0ccae86f61a09a4297fcaad46db39e4bb702e502b1671a3463e2b5bddfc30d07575630c26c72e5cc4a996225522e3056d0f64fe3ada47f8
SSDEEP

3072:uMB5Q4QCHcjBNeo7Ty2o4k9/ijgDEuQv2N1X7VBrW7dr68Uz:JQ7CHcHNTy2e/5DEXujrVx3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
770f58a4ef111717eaaa33a3d1db148a

Files

770f58a4ef111717eaaa33a3d1db148a
.exe windows:4 windows x86 arch:x86

4dc667471a79b81acadf762aab4563d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
Sleep
LoadLibraryExA
GetStdHandle
LockResource
EnterCriticalSection
HeapCreate
GlobalFree
CloseHandle
GetDriveTypeA
GetLastError
InterlockedExchange
RaiseException
GlobalUnlock
GlobalDeleteAtom
VirtualProtect
GetLocaleInfoA
GetACP
GlobalAddAtomA
FoldStringA
SetErrorMode

user32

CharToOemA
GetFocus
EndPaint
DrawEdge
GetWindow
GetParent
SetForegroundWindow
DrawTextA
GetActiveWindow
GetWindowTextA
ClipCursor
IsIconic
GetClassNameA
ReleaseDC
GetCursorPos
GetMenuItemInfoA
ShowWindow
BeginPaint
ValidateRect

version

VerFindFileA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ